O'Reilly logo
live online training icon Live Online training

CCNA Cyber Ops SECFND 210-250 crash course

Charles Judd

As the number of cyberattacks and data breaches continues to increase, so does the demand for cybersecurity talent. Employers are eager to fill these positions, but many estimates suggest a global workforce shortage in the millions. Cisco created the CCNA certifications to help address this challenge by preparing candidates for associate-level positions. CCNA Cyber Ops is Cisco’s newest certification offering, geared towards candidates interested in security analysis. This two-part certification serves as an entry point to a cybersecurity career. This hands-on three-hour training course provides a crash course in the first exam of the series, the SECFND 210-250.

Join instructor Charles Judd as he walks you through the SECFND 210-250 exam. You'll get an overview of the important topics you need to know to pass the exam, including an introduction to NetFlow, security principles, cryptography, Windows, Linux, and macOS analysis, security monitoring challenges, and attacks and vulnerabilities. Along the way, you'll explore real-world examples and jump into some live lab exercises designed to help ensure success on t he exam.

What you'll learn-and how you can apply it

By the end of this live online course, you’ll understand:

  • Basic security principles
  • Fundamental cryptography concepts
  • Types of attacks and vulnerabilities
  • NetFlow analysis
  • Windows, Linux, and macOS analysis

And you’ll be able to:

  • Identify important packet capture information
  • Identify specific threats, vulnerabilities, and exploits
  • Identify PII and PHI
  • Define important security policy principles
  • Describe operational challenges for security professionals

This training course is for you because...

  • You're an IT professional working with corporate networks, and you want to learn about emerging cybersecurity threats.
  • You're interested in learning the fundamentals of cybersecurity issues, and you want to earn a certification that reflects your progress.
  • You're entering into the security field, and you want a career working as an associate-level cybersecurity analyst within a security operations center.
  • You're planning to take the CCNA Cyber Ops SECFND 210-250 exam and want to prepare.


Materials or downloads needed in advance:

  • A running installation of Kali Linux, either as a standalone machine or a virtual instance

Recommended preparation:

Recommended follow-up:

CCNA Cyber Ops SECOPS 210-255 crash course (live online training with Charles Judd)

About your instructor

  • Charles Judd is a content developer and technical instructor at Kevin Wallace Training, LLC (https://kwtrain.com), a provider of self-paced training materials that simplify networking topics. He holds a bachelor of science in network security, an associate of science in applied technology, an associate of science in machine technology, a CCNA in routing and switching, and many other industry-specific certifications. Charles is currently in progress on the CCNP Routing and Switching track. His real-world experience includes a decade of CNC programming and operation, duties as a network engineer for a healthcare and HIPAA compliance-focused managed service provider, and freelance graphic/web designing and IT consulting. Charles lives in central Kentucky with his wife and their three sons.


The timeframes are only estimates and may vary according to how the class is progressing

Introduction to NetFlow (25 minutes)

  • Lecture: Basic NetFlow operation and data contents; information captured in NetFlow; how to examine outputs to identify important data
  • Hands-on exercise: Implement packet capture using Wireshark in Kali Linux to demonstrate NetFlow data

Security principles (25 minutes)

  • Lecture: The role of a security operation center (SOC) analyst; best practices for organizational security; important security principles that should be in place within SOC teams

Break (10 minutes)

Cryptography and public key infrastructure (25 minutes)

  • Lecture: Cryptography basic concepts; the components that make up several standards, including hashes, digital signatures, ciphers, keys, and public key infrastructure standards

Windows-based analysis (15 minutes)

  • Lecture: Key components of the Windows operating system; how to define processes, threads, registration, handles, services, and event logs; how these components interact with one another
  • Hands-on exercise: Interact with these components in a virtual operating system

Linux- and macOS-based analysis (10 minutes)

  • Lecture: The components of Unix-based operating systems; how to define processes, forks, permissions, symlinks, and daemons; how these components are interdependent
  • Hands-on exercise: Interact with these components in a virtual operating system

Break (10 minutes)

Security monitoring challenges (25 minutes)

  • Lecture: Common challenges to effective security monitoring, such as encryption, NAT, PAT, data exfiltration, and peer-to-peer communication

Types of attacks and vulnerabilities (25 minutes)

  • Lecture: Common types of attacks and well-known vulnerabilities, such as man-in-the-middle attacks, denial-of-service attacks, backdoors, ARP poisoning, spoofing, and password attacks
  • Hands-on exercise: Use Kali Linux tools to model some well-known attack types